nuclei-templates/misconfiguration/horde-unauthenticated.yaml

28 lines
507 B
YAML

id: horde-unauthenticated
info:
name: Horde Groupware Unauthenticated
author: pikpikcu
severity: critical
tags: horde,unauth
requests:
- method: GET
path:
- "{{BaseURL}}/horde/admin/user.php"
- "{{BaseURL}}/admin/user.php"
headers:
Content-Type: text/html
matchers-condition: and
matchers:
- type: word
words:
- "<title>Horde :: User Administration</title>"
condition: and
- type: status
status:
- 200